Access control method and device based on token and supporting object attributes

An access control and token technology, applied in the computer field, that addresses the problem of low access control efficiency, with the effects of improving access control efficiency, reducing applications, and reducing data volume.

Active Publication Date: 2020-09-15
WUHAN UNIV OF TECH

AI Technical Summary

Problems solved by technology

[0007] The present invention proposes a token-based access control method and device that supports object attributes, which solves, or at least partially solves, the technical problem of low access control efficiency in prior-art methods.


Examples


Embodiment 1

[0035] This embodiment provides a token-based access control method that supports object attributes, including the following steps:

[0036] S1: The management side predefines the categories of attribute conditions and the categories of access rights, and labels the managed devices with attributes. An attribute condition category is an abstraction of a class of attribute conditions; by setting specific attribute parameters, an attribute condition category can be transformed into an attribute condition, and multiple attribute conditions constitute the attribute condition set CS. CS represents the conditions that the object of the token needs to meet, and is used to limit the object range of the token. Selecting some access rights categories forms the access rights set AR; AR represents the operations that the subject of the token can perform on the object;

[0037] S2: The management side receives the first token request sent by the applicant, and tak...

Embodiment 2

[0201] Based on the same inventive concept, the present invention also provides a token-based access control device that supports object attributes, including:

[0202] The preprocessing module is used to predefine the categories of attribute conditions and the categories of access rights, and to perform attribute labeling on the managed devices. An attribute condition category is an abstraction of a class of attribute conditions. The attribute parameters of the token can be converted into an attribute condition, and multiple attribute conditions constitute the attribute condition set CS. CS represents the conditions that the object of the token needs to meet, and is used to limit the object range of the token. Selecting some types of access rights forms the access rights set AR; AR represents the operations that the subject of the token can perform on the object;

[0203] The token request receiving module is used to receive the first token request sent by the ap...

Embodiment 3

[0207] Based on the same inventive concept, a computer device includes a memory, a processor, and a computer program stored in the memory and operable on the processor, and the processor implements the method described in Embodiment 1 when executing the program.


Abstract

The invention discloses an access control method and device based on a token and supporting object attributes. A management party predefines the category of the attribute condition and the category of the access permission, and carries out attribute labeling on managed equipment. The management party receives a first token request sent by an application party and extracts from the request an attribute condition set CS, an access permission set AR and a public key PK of the applicant. The management party performs identity authentication on the applicant by using the PK and evaluates the attribute condition set CS and the access permission set AR; after the sets pass evaluation, it generates a serial number for the token, generates a token for the applicant based on the serial number and the first token request, and sends the token to the applicant. The applicant serves as the subject of access control and sends the corresponding token to an object. The object carries out identity authentication on the subject and verifies the received token, including verification of the attribute condition set CS by the object according to the attributes of the object; if the token passes verification, access is allowed.
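The issuance and object-side verification flow described in the abstract, as an added example that is not code from the patent. It assumes an HMAC with a shared key as a stand-in for the management party's signature, hypothetical condition categories `EQ`, `IN` and `GE`, and hypothetical access right names; authentication of the subject against PK is out of scope here.

```python
import hashlib, hmac, json

# Hypothetical condition categories; fixing (attr, value) yields one attribute condition.
CATEGORIES = {
    "EQ": lambda actual, want: actual == want,
    "IN": lambda actual, want: actual in want,
    "GE": lambda actual, want: actual is not None and actual >= want,
}
RIGHT_CATEGORIES = {"read", "write", "configure"}  # assumed access right categories

def _mac(key, body):
    # HMAC stand-in for the management party's signature over the token body.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def issue_token(key, serial, cs, ar, subject_pk):
    """Management side: evaluate CS and AR, then bind them to a serial number and PK."""
    if not cs or any(c["cat"] not in CATEGORIES for c in cs):
        raise ValueError("CS is empty or uses an undefined condition category")
    if not ar or not set(ar) <= RIGHT_CATEGORIES:
        raise ValueError("AR is empty or uses an undefined access right category")
    body = {"serial": serial, "cs": cs, "ar": sorted(ar), "pk": subject_pk}
    return {"body": body, "sig": _mac(key, body)}

def object_verify(key, token, my_attrs, operation):
    """Object side: check integrity, then evaluate CS against this object's attributes."""
    try:
        body = token["body"]
        if not hmac.compare_digest(_mac(key, body), token["sig"]):
            return False, "bad signature"
        for c in body["cs"]:
            if not CATEGORIES[c["cat"]](my_attrs.get(c["attr"]), c["value"]):
                return False, "object fails condition on " + c["attr"]
        if operation not in body["ar"]:
            return False, "operation not in AR"
    except (KeyError, TypeError, AttributeError):
        return False, "malformed token"
    return True, "access allowed"

# Constructed sample data: one token, three attribute-labelled devices.
KEY = b"demo-management-key"
CS = [{"cat": "EQ", "attr": "type", "value": "sensor"},
      {"cat": "IN", "attr": "room", "value": ["lab1", "lab2"]}]
TOKEN = issue_token(KEY, 1001, CS, ["read"], "constructed-subject-public-key")
DEVICES = {"d1": {"type": "sensor", "room": "lab1"},
           "d2": {"type": "sensor", "room": "lab2"},
           "d3": {"type": "camera", "room": "lab1"}}
```

The single token is accepted by `d1` and `d2`, whose labels satisfy CS, and refused by `d3`, so the subject needs one token for the whole attribute-defined group of objects.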

Description

Technical field

[0001] The present invention relates to the field of computer technology, in particular to a token-based access control method and device supporting object attributes.

Background technique

[0002] Access control technology based on capability tokens uses tokens to record the subject's access rights to objects. Tokens can be understood as credentials and tickets, which are the embodiment of access rights. The token should record the corresponding subject S, object O and the resources that can be accessed or the operations that can be performed. At the same time, the token should have the characteristics of anti-tampering and anti-counterfeiting. The subject S of the token refers to the accessing party, which can be a user or a device, and the object O refers to the accessed party, usually a device. The subject holds the token signed by the management party and can access the resources specified in the token.

[0003] In the prior art, mainstream token data ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L9/32
CPC: H04L9/3213, H04L63/0807, H04L63/10
Inventor: 肖敏, 牛文强
Owner WUHAN UNIV OF TECH